CWMD Cloud Software Engineering Support: Request for Information (RFI) Notice Type Request for Information (RFI) Contracting Office Office of the Chief Procurement Officer, Office of Procurement Operations, Countering Weapon of Mass Destruction Acquisition Division, Washington, District of Columbia, 20528, United States ZIP Code 20528 Reference Solicitation Number N/A Point of Contact Frank Douglass, Contracting Officer, [email protected], 202-447-5649 Rosa Lopez, Contract Specialist, [email protected], 202-447-0621 Small Business Set-Aside No decision has yet been made regarding the small business strategy for a possible acquisition. Your response should identify your business size (large or small) in this RFI. The government is interested in all small businesses, including 8(a), Historically Underutilized Business Zone (HUBZONE), or Service Disabled Veteran (SDV) Owned Small Businesses that are interested in and capable of performing this requirement. The government requests interested parties submit a brief description of their company's business size (i.e. annual revenues and employee size) and business status (i.e., 8(a), HUBZONE or SDV, small business). Small businesses are advised that FAR 52.219-14, Limitations on Subcontracting, would apply wherein at least 50 percent of the work must be performed by the small business prime contractor alone. Description THIS IS A REQUEST FOR INFORMATION (RFI) ONLY. This RFI is issued solely for information and planning purposes and does not constitute a solicitation. Nonetheless, submitters should properly mark their responses if the information is "business confidential" or "proprietary information." Submitters should note, if the information is
Transcript
CWMD Cloud Software Engineering Support: Request for Information (RFI)
Notice Type Request for Information (RFI)
Contracting Office Office of the Chief Procurement Officer, Office of Procurement Operations, Countering Weapon of Mass Destruction Acquisition Division, Washington, District of Columbia, 20528, United States
ZIP Code 20528
Reference Solicitation Number N/A
Point of Contact Frank Douglass, Contracting Officer, [email protected], 202-447-5649 Rosa Lopez, Contract Specialist, [email protected], 202-447-0621
Small Business Set-Aside No decision has yet been made regarding the small business strategy for a possible acquisition. Your response should identify your business size (large or small) in this RFI. The government is interested in all small businesses, including 8(a), Historically Underutilized Business Zone (HUBZONE), or Service Disabled Veteran (SDV) Owned Small Businesses that are interested in and capable of performing this requirement. The government requests interested parties submit a brief description of their company's business size (i.e. annual revenues and employee size) and business status (i.e., 8(a), HUBZONE or SDV, small business). Small businesses are advised that FAR 52.219-14, Limitations on Subcontracting, would apply wherein at least 50 percent of the work must be performed by the small business prime contractor alone.
Description THIS IS A REQUEST FOR INFORMATION (RFI) ONLY.
This RFI is issued solely for information and planning purposes and does not constitute a solicitation. Nonetheless, submitters should properly mark their responses if the information is "business confidential" or "proprietary information." Submitters should note, if the information is
confidential or proprietary, this information may be reviewed by government support contractors in conjunction with government officials. Further, those who respond to this RFI should not anticipate feedback with regards to its submission other than acknowledgment of receipt, should the submitter request an acknowledgement. In accordance with FAR 15.201(e), responses to this notice are not offers and cannot be accepted by the government to form a binding contract. All submissions become the property of the Federal Government and will not be returned. Responders are solely responsible for all expenses associated with responding to this RFI.
INTRODUCTION In December 2018, Congress passed the “Countering Weapons of Mass Destruction Act of 2018,” which established that CWMD shall be responsible for coordinating with other Federal efforts and developing a strategy and policy for the Department to plan for, detect, and protect against the importation, possession, storage, transportation, development, or use of unauthorized chemical, biological, radiological, and nuclear (CBRN) materials, devices, or agents in the United States and to protect against an attack using such materials, devices, or agents against the people, territory, or interests of the United States.
CWMD’s mission is to counter attempts by terrorists or other threat actors to carry out an attack against the United States or its interests using a weapon of mass destruction (biological, chemical, nuclear, or radiological). All activities are aligned to prevent, protect against, and prepare for to the full spectrum of WMD threats to the Homeland. CWMD supports frontline operators by providing information, equipment, and expertise. Additionally, CWMD coordinates with the operators to determine their needs and requirements to execute their mission. This enables CWMD to provide the appropriate mission support and increase interoperability and data sharing across the operational partners. A significant chemical, biological, radiological, or nuclear weapon event against the United States or our interests abroad would have profound and potentially catastrophic impacts worldwide. To counter these threats, the homeland security and law enforcement communities (federal, state, and local) charged to protect the homeland must understand the threats and be equipped with the most timely and relevant information available.
The Rapid Capability Division executes rapid and/or sensitive procurement activities in response to emerging operational needs and requirements. Rapid capability programs maximize decision authority efficiencies and optimize regulatory tailoring to expedite the fielding of disruptive capabilities, while remaining compliant with the Federal Acquisition Regulation (FAR) and/or other special authorities where applicable (e.g., Other Transactional Authorities). Rapid capability programs often pursue technology innovations in an agile fashion to create prototypes designed to be leave-behind capabilities, or first increments of fielded capabilities. Rapid capability solutions are executed with the goal of fielding a capability on a small scale within six months to a year.
The Rapid Capabilities Division is currently responsible for CWMD Information Technology (IT) Mission Support Environment. The CWMD IT Mission support environment is designed to host multiple CWMD mission support IT applications and systems requiring internal and external access by DHS and CWMD customers and staff. The CWMD IT Mission support environment is the backbone of the CWMD Information Architecture. The CWMD Information Architecture will provide mission support applications, data feeds, and cloud environments at different classification levels and security categorization levels. A full range of cloud software engineering services, system administration, cyber security services, cloud technical services, and supporting software
will be required to take the CWMD Information Architecture to a fully functional mature capability.
PURPOSE OF RFI The purpose of this RFI is to assist CWMD with identifying the number and nature of the entities that comprise the universe of feasible technical solution providers.
A draft Statement of Work in included as Attachment 1 to this RFI.
SUBMISSION INSTRUCTIONS RFI submissions should be limited to no more than 10 pages (Times New Roman; font size no less than 11 points (9 points for figures/tables)). Responses must be in the form of Microsoft Word and/or PDF (searchable format) documents.
Interested parties must provide the following: 1. Completed RFI Questionnaire, RFI Attachment 2 (does not count toward the 10-page limit)2. Capability Statement (Unclassified, limited to 10 pages)
Responses should be submitted via e-mail to Frank Douglass at [email protected] and Rosa Lopez at [email protected] no later than 2:00pm (Eastern) on January 31, 2020. The subject line of the email should contain the RFI number CWMD Cloud Software Engineering Support. Proprietary information, if any, should be minimized and MUST BE CLEARLY MARKED. Please segregate proprietary information. Please be advised that all submissions become government property and will not be returned.
DRAFT (RFI Version)
1 DRAFT (RFI Version)
DEPARTMENT OF HOMELAND SECURITY (DHS)
STATEMENT OF WORK (SOW) FOR
CWMD CLOUD SOFTWARE ENGINEERING SERVICES
1.0 GENERAL
The purpose of this effort is to provide cloud software engineering services, cloud technical services, and supporting software to the Department of Homeland Security (DHS) Countering Weapons of Mass Destruction (CWMD) Systems Support Directorate (SSD) and other CWMD directorates for the fielding of an Information Architecture to support CWMD in its effort to combat the catastrophic use of a weapon of mass destruction within the United States and its territories.
1.1 BACKGROUND
In December 2018, Congress passed the “Countering Weapons of Mass Destruction Act of 2018,” which established that CWMD shall be responsible for coordinating with other Federal efforts and developing a strategy and policy for the Department to plan for, detect, and protect against the importation, possession, storage, transportation, development, or use of unauthorized chemical, biological, radiological, and nuclear (CBRN) materials, devices, or agents in the United States and to protect against an attack using such materials, devices, or agents against the people, territory, or interests of the United States.
CWMD’s mission is to counter attempts by terrorists or other threat actors to carry out an attack against the United States or its interests using a weapon of mass destruction (biological, chemical, nuclear, or radiological). All activities are aligned to prevent, protect against, and prepare for to the full spectrum of WMD threats to the Homeland. CWMD supports frontline operators by providing information, equipment, and expertise. Additionally, CWMD coordinates with the operators to determine their needs and requirements to execute their mission. This enables CWMD to provide the appropriate mission support and increase interoperability and data sharing across the operational partners. A significant chemical, biological, radiological, or nuclear weapon event against the United States or our interests abroad would have profound and potentially catastrophic impacts worldwide. To counter these threats, the homeland security and law enforcement communities (federal, state, and local) charged to protect the homeland must understand the threats and be equipped with the most timely and relevant information available.
The CWMD SSD directorate’s mission is to develop, acquire, and deploy effective counter-WMD capabilities for operational partners. To efficiently deliver CWMD Support, SSD is broken down into five (5) Divisions: Research and Development (R&D), Rapid Capabilities, Test and Evaluation (T&E), Acquisition, and Program Integration and Mission Support.
The Rapid Capability Division executes rapid and/or sensitive procurement activities in response to emerging operational needs and requirements. Rapid capability programs maximize decision authority efficiencies and optimize regulatory tailoring to expedite the fielding of disruptive capabilities, while remaining compliant with the Federal Acquisition Regulation
DRAFT (RFI Version)
2 DRAFT (RFI Version)
(FAR) and/or other special authorities where applicable (e.g., Other Transactional Authorities). Rapid capability programs often pursue technology innovations in an agile fashion to create prototypes designed to be leave-behind capabilities, or first increments of fielded capabilities. Rapid capability solutions are executed with the goal of fielding a capability on a small scale within six months to a year.
The Rapid Capabilities Division is also currently responsible for CWMD Information Technology (IT) Mission Support. The CWMD IT Mission support environment is designed to host multiple CWMD mission support IT applications and systems requiring internal and external access by DHS and CWMD customers and staff. The CWMD IT Mission support environment is the backbone of the CWMD Information Architecture. The CWMD Information Architecture will provide mission support applications, data feeds, and cloud environments at different classification levels and security categorization levels. A full range of cloud software engineering services, system administration, cyber security services, cloud technical services, and supporting software will be required to take the CWMD Information Architecture, herein known as the “system”, to a fully functional mature capability.
1.2 SCOPE
The scope of this support encompasses a full range of cloud software engineering services, system administration, cyber security services, cloud technical services, and supporting software to develop, field, maintain, secure, and accredit the CWMD Information Architecture.
The Contractor shall furnish the necessary personnel, equipment, and materials to provide support for the task areas described in Section 2.0, Specific Requirements/Tasks.
1.3 OBJECTIVE
The objective of this SOW is for CWMD to obtain cloud software engineering services, system administration, cyber security services, cloud technical services, and supporting software to develop, maintain, and accredit the cloud infrastructure and applications for the CWMD Information Architecture.
1.4 APPLICABLE DOCUMENTS
1.4.1 Compliance Documents
The following documents provide specifications, standards, or guidelines that must be complied with to meet the requirements of this contract:
• Federal Acquisition Regulation (FAR), FAC 2019-06, Volume I-Parts 1 to 51, effectiveSeptember 10, 2019
• DHS Acquisition Management Directive 102-01, Revision 03.1 dated February 25, 2019• DHS Acquisition Management Instruction 102-01-001, Revision 01.1, dated May 3, 2019• DHS Systems Engineering Life Cycle Instruction 102-01-03, Revision 00, dated
November 5, 2015• DHS Sensitive Systems Policy Directive 4300A, Version 12.01, dated February 12, 2016• System Security Authorization Process Guide Version 14.1 dated April 4, 2019
DRAFT (RFI Version)
3 DRAFT (RFI Version)
• DHS Individual Use and Operation of DHS Information Systems/Computers,Management Directive 4900
• CWMD Solution Development Process Guide 100-CWMD-127550v1.00 dated July 3,2018
• CWMD Technical Review Guide 100-CWMD-119560v3.0 dated October 19, 2018
1.4.2 Reference Documents
The following documents may be helpful to the Contractor in performing the work described in this document:
• NIST SP 800-47, Security Guide for Interconnecting Information Technology Systems• NIST SP 800-53 Revision 3, Recommended Security Controls for Federal Information
Systems and Organizations• NIST SP 800-92 Guide to Computer Security Log Management• NIST SP 800-95 Guide to Secure Web Services• NIST SP 800-113 Guide to SSL VPNs• NIST SP 800-123 Guide to General Server Security• NIST SP 800-125 Guide to Security for Full Virtualization Technologies• NIST SP 800-145 The NIST Definition of Cloud Computing• NIST SP 800-146 Cloud Computing Synopsis and Recommendations
2.0 SPECIFIC REQUIREMENTS/TASKS
Items 2.1 to 2.5 are Contractor personnel, cloud technical services, and software to directly support the system. Items 2.6 to 2.8 are Contractor personnel to directly support tenant applications that will reside in the system.
2.1 Cloud Software Engineering The contractor shall provide cloud software engineering support by:
• Implementing, configureing, secureing, and managing cloud-based solutions suchas Software as a Service (SaaS) and Platform as a Service (PaaS).
• Planning and implementing the cloud infrastructure for distributed applications anddata storage that will run in the system.
• Performing software coding and engineering on the system’s cloud infrastructure.• Managing a mix of cloud environments (i.e., public, private, and hybrid cloud
solutions).• Haveing a working knowledge of emerging technologies relevant to cloud
computing (e.g. Machine Learning (ML) and Artificial Intelligence (AI)).• Working alongside the tenant application development teams to support transition
and operation of client web sites / applications in and out of the system.• Creating and employ back-up and disaster recovery solutions.• Creating processes designed to measure system effectiveness and identify areas
for improvement.• Estimating cloud costs and identify operational cost control mechanisms.• Keeping technical documentation up to date.
DRAFT (RFI Version)
4 DRAFT (RFI Version)
• Creating processes intended to provide environment security, as well as automated processes to provide information on current specifications.
• Overseeing the selection of orchestration tooling, as well as compliance audits and reporting.
• Identifying, correcting, and enhancing important software tools. • Seeking ways to enhance systems operations, with a focus on automation and
minimizing cost. • Staying abreast of new technologies in the field and provide recommendations to
organizational management on new cloud and software solutions. • Designing and implementing a data retention strategy consistent with required
DHS and CWMD policies. • Produceing and maintaining system architecture drawings such as OV-1s and SV-
1s. 2.2 Cyber Security Support The contractor shall provide cyber security support by:
• Researching, developing, implementing, testing, and reviewing CWMD’s system’s cyber security to protect information and prevent unauthorized access.
• Informing users about security measures, explain potential threats, install software patches, implement security measures, and monitor networks.
• Gathering information necessary to maintain security and establish functioning external barriers such as firewalls and other security measures.
• Defining, creating, and maintaining the documentation for DHS certification and accreditation of the system and its minor tenant applications in accordance with NIST and DHS requirements.
• Assessing the cyber security impacts on system modifications and technological advances.
• Reviewing the system and its tenant applications to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes, and document upgrades.
• Developing detailed security standard operating procedures that implement agency security policy.
• Updating Security Plans and control descriptions in IACS for systems on an as needed basis.
• Updating security procedures. • Evaluating, recommending, and implementing security controls. • Monitoring the intrusion detection/prevention systems, firewalls, security event
manager, and other tools as necessary. • Developing and maintaining the security and network architecture that implements
relevant security laws, regulations, and policies. • Implementing capability to research and investigate possible security breaches
and incidents. • Documenting exceptions to security profiles and policies, where the exceptions
are applied. • Recommending approval or rejection of proposed tenant software application
security design. • Recommending alternative approaches to system developers to address security
issues.
DRAFT (RFI Version)
5 DRAFT (RFI Version)
• Ensuring that security best practices are utilized in the design, implementation,and testing of the system and tenant applications.
• Ensuring that audit trails are reviewed periodically, (i.e. weekly or daily). Also, thataudit records are archived for future reference, if required.
• Initiating protective or corrective measures if a security problem is discovered.• Reporting the system’s security status and security incidents in accordance with
DHS instructions and procedures when the system is compromised.• Evaluating known vulnerabilities to ascertain if additional safeguards are needed.• Maintaining a plan for site security improvements and progress towards meeting
the accreditation.• Keeping up to date on the DHS and industry cyber security requirements for cloud
environments.
2.3 Cloud System Administration The contractor shall provide cloud system administration support by:
• Provisioning and de-provisioning cloud accounts for internal customers.• Working alongside the cloud software engineers and tenant application
development teams to support transition and operation of client websites/applications in and out of the system.
• Deploying, managing, and operating the cloud environments.• Identifying appropriate use of cloud operational best practices.• Estimating cloud costs and identifying operational cost control mechanisms.• Keeping technical documentation up to date.• Createing (where appropriate) automation, to streamline provisioning and de-
provisioning processes.• Leading certain data/service migration projects.• Performing software upgrades. kernel patching, and errata patches.• Managing disaster recovery and create backups.• Performing periodic security and vulnerability scans on the system at the
direction of the Information Systems Security Officer or System Owner.• Monitoring the availability of system resources and measure the extent of
performance.• Keeping up to date on cloud services and developments.
2.4 Cloud Technical Services The contractor shall provide cloud technical services support.
• The cloud solution provider must have the ability to provide reserve and on-demand cloud services technical capability within facilities located within theContinental United States (CONUS).
• The cloud solution must allow CWMD to restrict access to CWMD data,applications, and cloud infrastructure to users authorized by CWMD. The cloudreseller shall not retain any unauthorized access to CWMD data, applications, orcloud infrastructure.
• The cloud solution will include technical services for implementation andconfiguration.
• The cloud solution must be FedRAMP certified/compliant as listed onhttps://www.fedramp.gov/marketplace/compliant-systems/.
DRAFT (RFI Version)
6 DRAFT (RFI Version)
• The cloud solution must offer FIPS 140-2 compliant end points. • The cloud solution must have specific cloud for Government customers and
those customers with specific regulatory and compliance requirements (i.e. ITAR compliance).
• The cloud solution must meet US Persons only access requirements both logically and physically to the cloud network.
• The cloud solution must possess security controls and certifications such as SOC 1/SSAE 16/ISAE 3402 (formerly SAS70), SOC 2, SOC 3, PCI DSS Level 1, ISO 27001, and FISMA, ITAR, CSA, and MPAA.
• The cloud solution must provide enterprise-level automation that allows customers to create and manage a collection of related cloud infrastructure resources, provisioning and updating them in an orderly and predictable fashion.
• The cloud solution must provide the capability to unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction.
• The cloud solution must support internet bandwidth of at least 10Gb/s. • The cloud solution must support service provisioning and de-provisioning times
(scale up/down), making the service available with automated, instant scaling ability.
• The cloud solution must provide visibility into service usage and costing via a dashboard.
• The cloud solution must provide ability to control Internet Protocol (IP) networking configuration.
• The cloud solution must provide the ability to create multiple private and public subnets.
• The cloud solution must provide ability to set up, operate, and scale a columnar managed-service database for business intelligence.
• The cloud solution must provide storage infrastructure for storing and retrieving any amount of data, at any time, from private CWMD networks.
• The cloud solution must provide archival storage for infrequently accessed data. • The cloud solution must have at least a FedRAMP Provisional Authority to
Operate (P-ATO). • If a P-ATO is not available, the cloud solution will obtain a FedRAMP compliant
agency ATO in compliance with the FedRAMP Security Assessment Framework. • The cloud solution traffic must be able to be routed through the DHS One-NET
Trusted Internet Connection (TIC). • The cloud solution must operate at a moderate and high impact level. • The cloud solution must follow NIST Special publication 800-137, DHS guidance
for continuous monitoring. • The cloud solution will comply with the DHS Computer Security Incident Handling
guide. • The cloud solution will be HSPD-12 compliant. • The cloud solution will maintain audit logs to meet FISMA requirements. • The cloud solution provider must provide evidence of their authorized reseller
status. • The cloud solution provider must provide usage-based accounting and payment
for systems and services. • The cloud solution provider must have the ability to provide technical assistance
24 hours a day/7 days a week.
DRAFT (RFI Version)
7 DRAFT (RFI Version)
2.5 Additional Software The contractor shall support the:
• Purchase commercial software items, licenses, maintenance, and training that are required for the system.
Optional Services: 2.6 Cloud Application Developer The contractor shall provide cloud application developer support by:
• Developing, launching, and debugging cloud-based applications. • Haveing hands-on coding skills in one or more desirable cloud-applicable
programming languages, such as Python, R, Ruby, Java, and C#. • Utilizing one or more of the leading cloud vendors’ software development kits
(SDK) and managed services. • Understanding application lifecycle management (ALM). • Developing secure apps using current cyber security best practices. • Reverse engineering in-house programs and repackage into cloud-native apps. • Having database development skills in platforms like SQL, MySQL, Hadoop,
Cassandra, MongoDB, Redis, and Kafka. • Having knowledge of emerging container technologies such as Docker and
container management platforms like Kubernetes. • Working with the cloud software engineers, cloud security support, and cloud
system administration to move the tenant applications from development, to pre-production, to production in the system.
2.7 Cloud Application System Administrator The contractor shall provide cloud application system administrator support by:
• Provisioning and de-provisioning application accounts for internal customers. • Working alongside the cloud software engineers and tenant application
development teams to support transition and operation of client web sites/applications in and out of the system.
• Deploying, managing, and operating the application in the cloud environments. • Identifying appropriate use of application operational best practices. • Keeping technical documentation up to date. • Creating (where appropriate) automation, to streamline provisioning and de-
provisioning processes. • Performing application software upgrades, kernel patching, and errata patches. • Managing disaster recovery and create backups for applications. • Performing periodic security and vulnerability scans on the application and
application environment at the direction of the Information Systems Security Officer or System Owner.
• Monitoring the availability of system resources and measure the extent of performance.
• Keeping up to date on cloud services and developments.
DRAFT (RFI Version)
8 DRAFT (RFI Version)
2.8 Cloud Application Security Support The contractor shall provide cloud application security support by:
• Researching, developing, implementing, testing, and reviewing the application(s)’ cyber security to protect information and prevent unauthorized access.
• Informing users about security measures, explain potential threats, install software patches, implement security measures, and monitor networks.
• Gathering information necessary to maintain security and work with the systems cyber security personnel to establish functioning external barriers such as firewalls and other security measures.
• Defining, creating, and maintaining the documentation for DHS certification and accreditation for the application(s) in accordance with NIST and DHS requirements.
• Assessing the cyber security impacts on application(s) modifications and technological advances.
• Continuously monitoring the application(s) to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes, and document upgrades.
• Developing detailed security standard operating procedures for the application(s) that implement agency security policy.
• Working with the system’s cyber security personnel to update Security Plans and control descriptions in IACS for the application(s) on an as needed basis.
• Updating security procedures as needed or directed. • Evaluating, recommending, and monitoring security controls for the application(s). • Monitoring the intrusion detection/prevention systems, firewalls, security event
manager, and other tools as necessary. • Implementing capability to research and investigate possible security breaches
and incidents. • Documenting exceptions to security profiles and policies, where the exceptions
are applied. • Recommending alternative approaches to system developers to address security
issues. • Ensuring that security best practices are utilized in the design, implementation,
and testing of the application(s). • Ensuring that audit trails are reviewed periodically, (i.e. weekly or daily). Also, that
audit records are archived for future reference, if required. • Initiating protective or corrective measures if a security problem is discovered. • Reporting the application(s)’ status and security incidents in accordance with DHS
instructions and procedures when the system is compromised. • Evaluating known vulnerabilities to ascertain if additional safeguards are needed. • Keeping up to date on the DHS and industry cyber security requirements for cloud
environments.
DRAFT (RFI Version)
9 DRAFT (RFI Version)
3.0 CONTRACTOR PERSONNEL
3.1 QUALIFIED Personnel
The Contractor shall provide qualified personnel to perform all requirements specified in this SOW.
The following labor categories from the Standard Occupational Classification apply to performance at both at the contractor site and DHS locations. A description of the labor categories can be found in the “Standard Occupational Classification Manual, United States 2018”. The manual can be found at: https://www.bls.gov/soc/2018/home.htm
Manager, All Others 11-9199 Senior Computer Programmers 15-1131 Subject Matter Expert Computer Programmers 15-1131 Senior Computer Programmers 15-1131 Journeyman Software Developers 15-1252 Senior Software Developers 15-1252 Journeyman Network and Computer Systems Administrators 15-1244 Senior Information Security Analysts 15-1212 Senior Information Security Analysts 15-1212 Journeyman Tech Writer 27-3042 journeyman
Labor categories are further defined as Junior, Journeyman, and Senior based on years of experience, education, and duties/responsibilities as follows:
• JUNIOR: A Junior labor category has up to 3 years-experience and a BA/BS degree inthe field of computer science or equivalent. A Junior labor category is responsible for assistingmore senior positions and/or performing functional duties under the oversight of more seniorpositions.
• JOURNEYMAN: A Journeyman labor category has 3 to 10 years of experience with aBA/BS degree or 3 to 7-year experience with a MA/MS degree in the field of computer scienceor equivalent. A Journeyman labor category typically performs all functional dutiesindependently.
• SENIOR: A Senior labor category has over 10 years of experience with a BA/BS degreeor 8 years of experience with a MA/MS degree in the field of computer science or equivalent. ASenior labor category typically works on high-visibility or mission critical aspects of a givenprogram and performs all functional duties independently. A Senior labor category may overseethe efforts of less senior staff and/or be responsible for the efforts of all staff assigned to aspecific job.
• SUBJECT MATTER EXPERT (SME): A Subject Matter Expert is an individual whosequalifications and/or expertise are exceptional and/or highly unique. Subject Matter Experts donot have specific experience/education qualifications but are typically identified as recognizedIndustry leaders for a given area of expertise. Subject Matter Experts typically perform thefollowing kinds of functions: Initiates, supervises, and/or develops requirements from a project’s
DRAFT (RFI Version)
10 DRAFT (RFI Version)
inception to conclusion for complex to extremely complex programs; Provides strategic advice, technical guidance, and expertise to program and project staff; Provides detailed analysis, evaluation, and recommendations for improvements, optimization development, and/or maintenance efforts for client-specific or mission critical challenges/issues; Consults with client to define need or problem; supervises studies; and Leads surveys to collect and analyze data to provide advice and recommend solutions. Contractors may deviate from the definitions above when responding to solicitations so long as the deviations are clearly identified in their quote. For example, a Contractor might label an employee as “Senior”, but the employee does not have a MA/MS degree. Likewise, a Contractor might label an employee as “Junior” even though the employee has more than three years of experience. Deviations shall be clearly identified in proposals submitted in response to solicitations. 3.2 Continuity of Support The Contractor shall ensure that the contractually required level of support for this requirement is always maintained. The Contractor shall ensure that all contract support personnel are present for all hours of the workday. If for any reason the Contractor staffing levels are not maintained due to vacation, leave, appointments, etc., and replacement personnel will not be provided, the Contractor shall provide e-mail notification to the Contracting Officer’s Representative (COR) prior to employee absence. Otherwise, the Contractor shall provide a fully qualified replacement. 3.3 Key Personnel The Program Manager, Technical Lead, and Information System Security Officer (ISSO) shall be designated as Key Personnel for this SOW. Duties of the Program Manager are contained in paragraph 3.3.1 “Program Manager”. Duties of the Technical Lead are contained in paragraph 3.3.2 “Technical Lead”. Duties of the Information Systems Security Officer are contained in paragraph 3.3.3 “Information Systems Security Officer”. Before replacing any individual designated as Key by the Government, the Contractor shall notify the Contracting Officer and Contracting Officer’s Representative no less than 15 business days in advance, submit written justification for replacement, and provide the name and qualifications of any proposed substitute(s). All proposed substitutes shall possess qualifications equal to or superior to those of the Key person being replaced, unless otherwise approved by the Contracting Officer. The Contractor shall not replace Key Contractor personnel without approval from the Contracting Officer. Contractor Key personnel shall not be assigned by the Contractor to more than one key position for this requirement. The following Contractor personnel are designated as Key for this requirement: (Note: The Government may designate additional Contractor personnel as Key at the time of award.) 3.3.1 Project Manager The Contractor shall provide a Project Manager who shall be responsible for all Contractor work performed under this SOW. The Project Manager shall be a single point of contact for the Contracting Officer and the Contracting Officer’s Representative. The Project Manager shall be one of the senior level employees provided by the Contractor for this work effort. The name of the Project Manager, and the name(s) of any alternate(s) who shall act for the Contractor in the absence of the Project Manager, shall be provided to the Government as part of the
DRAFT (RFI Version)
11 DRAFT (RFI Version)
Contractor's proposal. The Project Manager is further designated as Key by the Government. During any absence of the Project Manager, only one alternate shall have full authority to act for the Contractor on all matters relating to work performed under this contract. The Project Manager and all designated alternates shall be able to read, write, speak and understand English. Additionally, the Contractor shall not replace the Project Manager without prior approval from the Contracting Officer.
The Project Manager shall be available to the Contracting Officer’s Representative via telephone and/or in person between the hours of 0800 and 1800 EST, Monday through Friday, and shall respond to a request for discussion or resolution of technical problems within 3 hours of notification.
3.3.2 Technical Lead
The Contractor shall provide a Technical Lead who shall be responsible for all technical work performed under this SOW. The Technical Lead shall be one of the senior level employees provided by the Contractor for this work effort. The name of the Technical Lead, and the name(s) of any alternate(s) who shall act for the Contractor in the absence of the Technical Lead, shall be provided to the Government as part of the Contractor's proposal. The Technical Lead is further designated as Key by the Government. During any absence of the Technical Lead, only one alternate shall have full authority to act for the Contractor on all matters relating to technical work performed under this contract. The Technical Lead and all designated alternates shall be able to read, write, speak and understand English. Additionally, the Contractor shall not replace the Technical Lead without prior approval from the Contracting Officer.
The Technical Lead shall be available to the Contracting Officer’s Representative via telephone and/or in person between the hours of 0800 and 1800 EST, Monday through Friday, and shall respond to a request for discussion or resolution of technical problems within 3 hours of notification.
3.3.3 Primary Information Systems Security Officer (ISSO)
The Contractor shall provide a primary Information Systems Security Officer who shall be responsible for all cyber security work performed under this SOW. The primary Information Systems Security Officer shall be one of the senior level employees provided by the Contractor for this work effort. The name of the primary Information Systems Security Officer, and the name(s) of any alternate(s) who shall act for the Contractor in the absence of the primary Information Systems Security Officer, shall be provided to the Government as part of the Contractor's proposal. The primary Information Systems Security Officer is further designated as Key by the Government. During any absence of the primary Information Systems Security Officer, only one alternate shall have full authority to act for the Contractor on all matters relating to cyber security work performed under this contract. The primary Information Systems Security Officer and all designated alternates shall be able to read, write, speak, and understand English. Additionally, the Contractor shall not replace the primary Information Systems Security Officer without prior approval from the Contracting Officer.
The primary Information Systems Security Officer shall be available to the Contracting Officer’s Representative via telephone and/or in person between the hours of 0800 and 1800 EST,
DRAFT (RFI Version)
12 DRAFT (RFI Version)
Monday through Friday, and shall respond to a request for discussion or resolution of cyber security problems within 3 hours of notification.
Alternate Information Systems Security Officers are not considered Key by the government. All Information Systems Security Officers must receive a designation as either the system’s primary or alternate Information Systems Security Officer by either the CWMD Chief Information Security Officer or the CWMD Information Systems Security Manager.
3.4 Employee Identification
3.4.1 Contractor employees visiting Government facilities shall wear an identification badge that, at a minimum, displays the Contractor name, the employee’s photo, name, clearance-level and badge expiration date. Visiting Contractor employees shall comply with all Government escort rules and requirements. All Contractor employees shall identify themselves as Contractors when their status is not clear and display all identification and visitor badges in plain view above the waist always.
3.4.2 Contractor employees working on-site at Government facilities shall wear a Government issued identification badge. All Contractor employees shall identify themselves as Contractors when their status is not clear (in meetings, when answering Government telephones, in e-mail messages, etc.) and display the Government issued badge in plain view above the waist always.
3.5 Employee Conduct
Contractor’s employees shall comply with all applicable Government regulations, policies and procedures (i.e. fire, safety, sanitation, environmental protection, security, “off limits” areas, wearing of parts of DHS uniforms, and possession of weapons) when visiting or working at Government facilities. The Contractor shall ensure Contractor employees present a professional appearance always and that their conduct shall not reflect discredit on the United States or the Department of Homeland Security. The Project Manager shall ensure Contractor employees understand and abide by Department of Homeland Security established rules, regulations, and policies concerning safety and security.
3.6 Removing Employees for Misconduct or Security Reasons
The Government may, at its sole discretion (via the Contracting Officer or Contracting Officer’s Representative), direct the Contractor to remove any Contractor employee from DHS facilities for misconduct or security reasons. Removal does not relieve the Contractor of the responsibility to continue providing the services required under the contract. The Contracting Officer or Contracting Officer’s Representative will provide the Contractor with a written explanation to support any request to remove an employee.
4.0 OTHER APPLICABLE CONDITIONS
4.1 SECURITY
Contractor access to classified information may be required under this SOW. The maximum level of classification is Secret. The details will be specified in a Department of Defense (DD) Form 254.
DRAFT (RFI Version)
13 DRAFT (RFI Version)
DHS has also determined that performance of this contract may require that the Contractor, sub-Contractor(s), vendor(s), etc. (herein known as Contractor), obtain access to classified National Security Information, Restricted Data, and Formerly Restricted Data (herein known as classified information). This contract will have varying security requirements. The Contractor shall be required to have personnel with various levels of access including: Suitability and Secret security clearance. Secret security clearances are required for the following contractor personnel: Project Manager, Technical Lead, Information Systems Security Officers(ISSO), and System Administrators. A Secret security clearance is optional for all other Contractor personnel if they are not required to access any classified information or systems. A DD Form 254 will be incorporated into the contract to authorize access and generation of classified information up to and including Secret, Restricted Data, and Formerly Restricted Data. 4.2 PERIOD OF PERFORMANCE The period of performance for this contract is a one-year base period with four (4) one-year option periods as follows:
CLIN Performance Period Performance Period Dates
0001 Base Period 9/08/2020 – 9/7/2021
0002 Optional Services – Task 2.6
0003 Optional Services – Task 2.7
0004 Optional Services – Task 2.8
1000 Option Period 1 9/08/2021 – 9/7/2022
1001 Optional Services – Task 2.6
1002 Optional Services – Task 2.7
1003 Optional Services – Task 2.8
2000 Option Period 2 9/08/2022 – 9/7/2023
2001 Optional Services – Task 2.6
2002 Optional Services – Task 2.7
2003 Optional Services – Task 2.8
3000 Option Period 3 9/08/2023 – 9/7/2024
3001 Optional Services – Task 2.6
3002 Optional Services – Task 2.7
3003 Optional Services – Task 2.8
4000 Option Period 4 9/08/2024 – 9/7/2025
4001 Optional Services – Task 2.6
DRAFT (RFI Version)
14 DRAFT (RFI Version)
4002 Optional Services – Task 2.7
4003 Optional Services – Task 2.8 4.3 PLACE OF PERFORMANCE The primary place of performance will be a combination of the Contractor’s facilities and CWMD Headquarters. The Contractor shall perform work for this effort at DHS offices located in the greater Washington, DC metropolitan area, or any facility that may be identified by the Government, which shall provide for continuity of operations. There may also be occasions where the Contractor may, or shall be expected to, work at its own facility. If allowed and/or required, this facility must be located within fifty (50) miles of the Washington, DC metropolitan area. Relocation of performance: In the event of an emergency event such as nuclear, biological, chemical, or radiological attack, natural disaster, or health emergency such as a pandemic, the Contractor shall change the location of the critical elements of the contract call performance as directed by the Contracting Officer or Contracting Officer’s Representative. Unless otherwise stated in the contract, the cost impact of such direction, such as the cost of relocation or cost differentials of working in a new location, is not included in the price of the contract and the Government shall provide an equitable adjustment to the contractor per any applicable “Changes” clause or the “Continuation of Essential Contractor Services” clause in the event of such direction. Contingency Planning: In anticipation of such relocation direction, the Contractor shall establish a contingency plan and document in a Business Continuity Plan (BCP) to accomplish efficient relocation of critical elements of its performance. The Contractor shall make its best effort to ensure that the BCP is consistent with the DHS Continuation of Operations Plan (COOP) provided by DHS. The plan shall identify the elements of call work that are necessary to continue DHS Mission Essential Functions (MEF) identified in the DHS plan. Other work requirements of the SOW call need not be addressed in the plan. The BCP shall be provided to the Contracting Officer’s Representative sixty (60) days after award of the contract or delivery of the DHS planning document by the Government, whichever is later. 4.4 HOURS OF OPERATION Contractor employees shall generally perform work between the base hours of 0600 and 1800 EST, Monday through Friday (except Federal holidays). The Contractor is encouraged to schedule daily work during base hours; however, there may be occasions when Contractor employees shall be required to work other than base hours, including weekends and holidays, to ensure continuous operational 24/7 system availability or mission support requirements of the system to a maximum hours of 1920 per year approved and documented with the Contracting Officer’s Representative. 4.5 TELEWORK Contractors may authorize select employees to telework in support of this effort. The Contractor also must submit a corresponding Corporate Telework Plan within 30 days after award. The
DRAFT (RFI Version)
15 DRAFT (RFI Version)
Contracting Officer’s Representative must approve this plan prior to implementation. The proposed authorized telework and corresponding Corporate Telework Plan must conform to the following guidance:
• There may be regularly-scheduled telework for contractor employee if specificallyauthorized by the Contracting Officer’s Representative to support specific mission requirements.• Telework may be authorized for days when inclement weather or other unusualcircumstances or emergencies cause the Federal Government to close, or to authorizeunscheduled telework for Federal employees.• In all cases, contractor telework will only be authorized to provide a benefit to theFederal Government (i.e., telework will not be authorized solely for personal reasons where nobenefit to the Federal Government is shown).• Telework will only be authorized for those labor categories that can demonstrate theability to perform core functions from a remote location on a temporary or short-term.• The Contractor’s proposed Statement and approved plans must show how implementingthe Plan will not have a negative impact on the work being performed under this effort• The contractor Program Manager must notify the federal lead 24 hours before acontractor teleworks.
4.6 TRAVEL
Contractor travel may be required to support this requirement. All travel required by the Government outside the local commuting area(s) will be reimbursed to the Contractor in accordance with the Federal Travel Regulations. The Contractor shall be responsible for obtaining Contracting Officer’s Representative approval (electronic mail is acceptable) for all reimbursable travel in advance of each travel event.
4.7 POST AWARD CONFERENCE
The Contractor shall attend a Post Award Conference with the Contracting Officer and the Contracting Officer’s Representative no later than 15 business days after the date of award. The purpose of the Post Award Conference, which will be chaired by the Contracting Officer, is to discuss technical and contracting objectives of this contract and review the Contractor's draft project plan. The Post Award Conference will be held at CWMD offices at 1120 Vermont Avenue NW in Washington DC. Teleconference capability will be made available for any personnel who cannot attend in-person.
4.8 CONTRACTOR PROJECT PLAN
The Contractor shall prepare and provide a Contractor Project Plan in collaboration with, and to be approved by, the Contracting Officer’s Representative. The Contracting Officer’s Representative, or an alternate formally designated in writing to the Contractor, is the Government's Representatives who may give technical direction to the Contractor. Direction is defined as that process by which the Contractor receives guidance, instruction or contract clarification as it is related to an element of work solely within the requirements of this SOW. A draft of the plan will be reviewed during the post award conference. Following the kickoff meeting, the contractor shall submit a final version of the plan at 30 days past the kickoff meeting. The plan will contain elements necessary for successful contract completion such as but not limited to:
DRAFT (RFI Version)
16 DRAFT (RFI Version)
• Contract performance goals and objectives • Work Breakdown Structure (WBS) • Schedule and key milestone events • Organization, staffing, and responsibility matrix • Funds, budget, and cost/price control management • Data management • Program risk management • Quality management • Performance measurements. Performance measurements will include input regarding
the performance of the staff, specific measurable, achievable, and realistic goals • Configuration Management
Deliverables: • Contractor Project Management Plan 4.9 BUSINESS CONTINUITY PLAN The Contractor shall prepare and submit a Business Continuity Plan (BCP) to the Government. The BCP Plan shall be due 60 business days after the date of award and will be updated on an annual basis. The BCP shall document Contractor plans and procedures to maintain support during an emergency, including natural disasters and acts of terrorism. The BCP, at a minimum, shall include the following:
• A description of the Contractor’s emergency management procedures and policy. • A description of how the Contractor will account for their employees during an
emergency. • How the Contractor will communicate with the Government during emergencies. • A list of primary and alternate Contractor points of contact, each with primary and
alternate: • Telephone numbers • E-mail addresses
4.9.1 Individual BCPs shall be activated immediately after determining that an emergency has occurred, shall be operational within 24 hours of activation or as directed by the Government, and shall be sustainable until the emergency is resolved, and normal conditions are restored, or the contract is terminated, whichever comes first. In case of a life-threatening emergency, the Contracting Officer’s Representative shall immediately contact the Contractor Project Manager to ascertain the status of any Contractor personnel who were in Government controlled space affected by the emergency. When any disruption of normal, daily operations occurs, the Contractor Project Manager and the Contracting Officer’s Representative shall promptly open an effective means of communication and verify:
• Key points of contact (Government and contractor) • Temporary work locations (alternate office spaces, telework, virtual offices, etc.) • Means of communication available under the circumstances (e.g. email, webmail,
telephone, FAX, courier, etc.) • Essential Contractor work products expected to be continued, by priority
4.9.2 The Government and Contractor Project Manager shall make use of the resources and tools available to continue contracted functions to the maximum extent possible under
DRAFT (RFI Version)
17 DRAFT (RFI Version)
emergency circumstances. Contractors shall obtain approval from the Contracting Officer prior to incurring costs over and above those allowed for under the terms of this contract. Regardless of contract type, and of work location, Contractors performing work in support of authorized tasks within the scope of their contract shall charge those hours accurately in accordance with the terms of this contract. 4.10 PROGRESS REPORTS Supplemental financial information shall be provided for each of the invoices submitted by the Contractor to provide backup information and justification for expenses incurred. This shall be reported per program, to include as a minimum labor hours and names of Contractor personnel charging hours, allocated per labor categories. The report shall include current financial data for the invoice submitted, cumulative data, and trend data against predetermined cost targets, per program, both in terms of trend to date and estimate at completion of the period of performance. The Contractor shall request approval from the Contracting Officer’s Representative in writing (via e-mail) any changes in Full Time Employee (FTE) levels and/or labor categories for each of the programs, prior to execution. The Contractor shall notify the Contracting Officer’s Representative in writing (via e-mail) when any Program’s expenses incurred have reached 70% of the predetermined allocated cost targets. Expenses and FTE allocations will be provided by the Contracting Officer’s Representative during a kick-off meeting at the beginning of the period of performance. The Contractor shall also organize and conduct a monthly, one-hour status briefing before the government, to address salient issues. As a minimum, issues pertaining to performance, funding, resources, FTE levels and personnel. The Contractor shall prepare and provide a monthly and end-of-year cost and performance reporting of tasks assigned. At a minimum, reports shall include (per program): narrative of support provided, expenditures, and projected expenditures for the next reporting period and to term, and major issues affecting cost and performance. The cost portions of the reports shall be easy to comprehend and provide detailed cost trends, projections, and variances. Reports also shall address problems or issues identified during the previous month and those still unresolved from previous reports. The required delivery dates and formats of the reports shall be specified in the Project Management Plan. End-of-year reports also shall be provided at a period following each of the base year, and each option year (as executed). The delivery date for these reports shall be in accordance with the Project Management Plan. CWMD Deliverables:
• Status Briefing • Invoice Supplemental Financial Information • Monthly Status Reports • Yearly Status Reports
DRAFT (RFI Version)
18 DRAFT (RFI Version)
4.11 PROGRESS MEETINGS The Project Manager shall be available to meet with the Contracting Officer’s Representative daily during business hours to discuss progress, exchange information, and resolve emergent technical problems and issues. The Contracting Officer’s Representative will determine the days and times of these meeting. These meetings shall take place in the Contracting Officer’s Representative office, via telephone, or via email as prescribed by the Contracting Officer’s Representative. 4.12 GENERAL REPORT REQUIREMENTS The Contractor shall provide all written reports in electronic format with read/write capability using applications that are compatible with DHS workstations (Windows 10 and Microsoft Office 365 Applications). 4.12 INTELLECTUAL PROPERTY Any technical data created, made or originated under this contract shall be the sole and exclusive property of the Government. Technical data includes any recorded information of a scientific or technical nature (e.g. product design or maintenance data, computer databases, and computer software documentation). “Computer software” includes executable code, source code, code listings, design details, processes, flow charts, and related material that would enable the software to be reproduced, recreated or recompiled. 4.13 PROTECTION OF INFORMATION Contractor access to information protected under the Privacy Act is required under this SOW. Contractor employees shall safeguard this information against unauthorized disclosure or dissemination in accordance with the law and Government policy and regulation. Contractor access to proprietary information may be required under this SOW. Contractor employees shall safeguard this information against unauthorized disclosure or dissemination in accordance with DHS MD 11042.1, Safeguarding Sensitive but Unclassified (For Official Use Only) Information. The Contractor shall ensure that all Contractor personnel having access to business or procurement sensitive information sign a non-disclosure agreement (DHS Form 11000-6). 4.15 SECTION 508 COMPLIANCE Pursuant to Section 508 of the Rehabilitation Act of 1973 (29 U.S.C. 794d) as amended by P.L. 105-220 under Title IV (Rehabilitation Act Amendments of 1998) all Electronic and Information Technology (EIT) developed, procured, maintained and/or used under this contract shall be in compliance with the “Electronic and Information Technology Accessibility Standards” set forth by the Architectural and Transportation Barriers Compliance Board (also referred to as the “Access Board”) in 36 CFR Part 1194. The complete text of Section 508 Standards can be accessed at http://www.access-board.gov/ or at http://www.section508.gov.
5.0 GOVERNMENT TERMS & DEFINITIONS There are no terms and definitions used in this SOW unique to CWMD. 6.0 GOVERNMENT FURNISHED RESOURCES The Government will provide the workspace, equipment, and supplies necessary to perform the on-site portion of Contractor services required in this contract, unless specifically stated otherwise in this SOW. The Government will provide the following equipment for off-site Contractor use in performing work under this contract: DHS issued laptops on an as-needed basis. The Contractor will use Government furnished facilities, property, equipment and supplies for the performance of work under this contract and shall be responsible for returning all Government furnished facilities, property, and equipment in good working condition, subject to normal wear and tear. 7.0 CONTRACTOR FURNISHED PROPERTY The Contractor shall furnish all facilities, materials, equipment and services necessary to fulfill the requirements of this contract, except for the Government Furnished Resources specified in SOW 2.0 and SOW 6.0. 8.0 GOVERNMENT ACCEPTANCE PERIOD
The Contracting Officer’s Representative will review deliverables prior to acceptance and provide the contractor with an e-mail that provides documented reasons for non-acceptance. If the deliverable is acceptable, the Contracting Officer’s Representative will send an e-mail to the Contractor notifying it that the deliverable has been accepted. 8.1 The Contracting Officer’s Representative will have the right to reject or require correction of any deficiencies found in the deliverables that are contrary to the information contained in the Contractor’s accepted proposal. In the event of a rejected deliverable, the Contractor will be notified in writing by the Contracting Officer’s Representative of the specific reasons for rejection. The Contractor may have an opportunity to correct the rejected deliverable and return it per delivery instructions. 8.2 The Contracting Officer’s Representative will have 20 business days to review deliverables and make comments. The Contractor shall have 20 business days to make corrections and redeliver. 8.3 All other review times and schedules for deliverables shall be agreed upon by the parties based on the final approved Project Plan. The Contractor shall be responsible for timely delivery to Government personnel in the agreed upon review chain, at each stage of the review. The Contractor shall work with personnel reviewing the deliverables to assure that the established schedule is maintained.
DRAFT (RFI Version)
20 DRAFT (RFI Version)
9.0 TRANSITION PLANNING AND EXECUTION All materials and data (most current versions) created and collected during performance and owned by the Government shall be turned over in a timely manner. The Contractor shall:
1. Develop and submit a draft transition-out plan 90 days prior to contract expiration (during Option Period 4). In the event the contract ends prior to the exercise of Option Period 4, the Contractor shall provide a draft transition-out plan 90 days prior to contract expiration if time is available, or within ten days of notification that contract will end. The plan shall include a technical and management transition approach that is clear and complete including the timeline and resources required for the transition. The Transition-out Plan shall detail the planned transition methodology in logical sequence to ensure a smooth transition of all tasks and/or subtasks of the Statement of Work without interruption or degradation of service. The plan shall include an approach that ensures the successful achievement while limiting impact to existing programs and/or projects. The draft transition-out plan shall be revised, if necessary, and the draft transition-out plan will become the final transition plan upon approval of the COR. The approved final transition-out plan shall be followed to ensure an orderly, secure, efficient, and expedient transition of all contract activities by the contract completion date;
2. Participate in meetings and/or telephone conversations required by the Government in
which transition procedures and activities are discussed and delineated;
3. Provide the Government at any point during and at the conclusion of the contract access to or copies of data and materials created, captured or stored required to support the services of this contract;
4. Deliver in accordance with the transition plan: all materials, data, documentation, and
software used and developed to support contract activities; and,
5. Prepare all the items noted in this section for electronic delivery, mailing or shipping to the successor Contractor(s) and/or the Government as directed by the COR.
10.0 DELIVERABLES The Contractor shall consider items in BOLD as having mandatory due dates. Items in italics are deliverables or events that must be reviewed and/or approved by the COR prior to proceeding to next deliverable or event in this SOW. ITEM SOW
REFERENCE DELIVERABLE / EVENT DUE BY DISTRIBUTION
1 4.7 Post Award Conference 15 business days after award
4. Does your company have an accounting system that has been determined to beadequate for determining costs applicable to the contract by DCAA or other cognizantgovernment audit agency? If yes, please provide Cognizant Government Agency,along with Cognizant Government Agency’s POC names, phone, and email.
5. What is the highest level of security clearance that your company holds (TopSecret/SCI, Top Secret, Secret, Confidential)?
6. Does your company have an active cloud practice? If so, how many people, how longhas it been in existence, what are the training requirements?
7. Are you an authorized third-party reseller of any cloud services (i.e. Amazon WebServices, Microsoft Azure, IBM cloud)?
8. Is your company an industry partner on any GSA Cloud Acquisition Vehicles (i.e.GSA 8(a) STARSII, GSA Alliant 2, GSA VETS 2)?
9. In the event a solicitation is issued, will your company consider a teamingarrangement? If yes, list the potential team members.
10. List at least two current/previous contracts (similar in size and scope) for which yourcompany has gained previous experience. Please provide the name of agency, title ofthe requirement, dollar value with options, performance period, contract number, andif you were the prime contractor or not.
![Welcome! [] › resources › DTRA... · modern tactics in innovation design and rapid fielding with our CWMD champions. Why you’re here! Rapid Capability Development & Fielding](https://static.documents.pub/doc/80x56/5f02de507e708231d40668ee/welcome-a-resources-a-dtra-modern-tactics-in-innovation-design-and.jpg)
![Home [comptroller.defense.gov]...C-WAC Counter-WMD Analysis Center CWMD Combating Weapons of Mass Destruction CWMD-T Combating Weapons of Mass Destruction -Terrorism DARPA Defense](https://static.documents.pub/doc/80x56/604484eac767f5339c757fd0/home-c-wac-counter-wmd-analysis-center-cwmd-combating-weapons-of-mass-destruction.jpg)
